
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<?php
$layout = explode('&&&', file_get_contents('layout.html'));
echo $layout[0];

session_start();
if (!(isset($_SESSION['username'])))
	header("location:login.php");
?>

<html>
<body>

<!-- Begin Main Column -->

<div id="mainContent">

	<h2>Find an Organization</h2>

         <p></p>Search Organization
		        <form id="form2" method="post" action="">
		          <table width="300" border="0">
		            <tr>
		              <td>Organization Name:</td>
		              <td><label>
		                <input type="text" name="organization_name" id="organization_name" />
		              </label></td>
            </tr>

          </table>
          <p>
            <label>
            <input type="submit" name="organization_search" id="organization_search" value="Search" class="button" />
            </label>
          </p>
	</form>


<!-- Begin Side Column -->
<!-- Begin Footer -->

<?php
	 	if($_POST) {
			ob_start();
			$host="localhost"; // Host name
			$username="root"; // Mysql username
			$password=""; // Mysql password
			$db_name="rtl"; // Database name

			// Connect to server and select databse.
			mysql_connect("$host", "$username", "$password")or die("cannot connect");
			mysql_select_db("$db_name")or die("cannot select DB");


			$organization_name=$_POST['organization_name'];
			$action=$_GET['id'];

			// To protect MySQL injection (more detail about MySQL injection)
			$organization_name = stripslashes($organization_name);


			$organization_name = mysql_real_escape_string($organization_name);


			$organization_name = "%".$organization_name."%";
			$organization_name_query = mysql_query("SELECT ORGID, ORGNAME,ADDRESS,CITY FROM ORGANIZATION WHERE ORGNAME LIKE '$organization_name'");
				echo "<table border='1'>";
  				echo "<tr> <th>Organization Name</th> <th>Address</th> <th>City</th>";

  				//keeps getting the next row until there are no more to get
				while($row = mysql_fetch_array($organization_name_query))
				{
					$organization_id = $row['ORGID'];
					// Print out the contents of each row into a table
					echo "<tr><td>";
					if($action == 1) {
						echo "<a href=\"EditOrganization.php?id='$organization_id'\">".$row['ORGNAME']."</a>";
					}
					else if($action == 2) {
						echo "<a href=\"DeleteOrganization.php?id='$organization_id'\">".$row['ORGNAME']."</a>";
					}
					echo "</td><td>";
					echo $row['ADDRESS'];
					echo "</td><td>";
					echo $row['CITY'];
				}
				echo "</table>";



		}
	?>
    </div>
<?php
echo $layout[1];
?>
</body>
</html>